My WebLink
|
Help
|
About
|
Sign Out
Home
Browse
Search
Item 26 - Agreement with Allied Network Solutions, Inc. for Adobe Software and Subscription
Clerk
>
Agenda Packets / Staff Reports
>
City Council (2004 - Present)
>
2025
>
01/21/2025
>
Item 26 - Agreement with Allied Network Solutions, Inc. for Adobe Software and Subscription
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
1/27/2025 5:03:20 PM
Creation date
1/21/2025 2:16:24 PM
Metadata
Fields
Template:
City Clerk
Doc Type
Agenda Packet
Agency
Information Technology
Item #
26
Date
1/21/2025
Jump to thumbnail
< previous set
next set >
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
762
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
SOLICITATION # CH16012 <br />NIST 800-53: NIST 800-53 provides the core controls that must be met to achieve FedRAMP <br />compliance. VMware vCloud Government Service has FedRAMP Provisional Authority to Operate <br />issued by the Joint Authorization Board (JAB), thus we are compliant with NIST 800-53. <br />NIST SP 800-171: VMware vCloud Government Service has FedRAMP Provisional Authority to <br />Operate issued by the Joint Authorization Board (JAB). NIST 800-171 outlines a subset of the NIST <br />800-53 requirements, and as stated above, VMware vCloud Government Service is compliant with <br />these guidelines. Since NIST 800-171 outlines a subset of the NIST 800-53 requirements, VMware <br />vCloud Government Service is compliant with NIST SP 800-171. <br />FIPS 200: Neither vCloud Air nor vCGS are currently FIPS 200 certified at this time. VMware will work <br />with Participating Entities to meet PCI requirements on a task order basis. <br />VMWare AirWatch <br />The AirWatch Information Security Program is built on the security framework laid out in NIST 800-53. <br />Although AirWatch is not required to register with any regulatory agencies, we provide a suite of tools <br />for our customer's to maintain industry -relevant compliance guidelines within their mobile device <br />fleets. AirWatch has recently been awarded the HP-IAPP Privacy Innovation Award for Most <br />Innovative Privacy Technology by the International Association of Privacy Professionals (IAPP) for our <br />commitment to delivering an EMM platform focused on end -user privacy. To help ensure the <br />confidentiality, integrity, and availability of our cloud offering, we comply with the European Data <br />Protection Directive (95/46/EC) and our top -tier data center partners have undergone SSAE16 SOC2 <br />T e II its. <br />FireEye <br />Currently the standards that apply are SSAE 16 SOC 2 Type 2, with a FedRAMP ATO in place and <br />full FedRAMP certification in process. We are also in the process of becoming FedRAMP ISO 2700x <br />certified. <br />VirtueStream <br />Security is the foundation of our business. Virtustream's xStreamTM cloud software assists our <br />customers to meet mandatory Legislative requirements, and achieve and maintain SSAE16, <br />ISAE3402, PCI-DSS 3.0, FISMA, ISO 27001-2005/2013, ISO 9001-2008, HIPAA, CSA STAR and <br />other leading cloud certifications and compliance frameworks in the customer's own environment <br />when coupled with identified operational and management controls). <br />8.6.3 Offeror must describe its security practices in place to secure data and applications, including threats <br />from outside the service center as well as other customers co -located within the same service center. <br />CA <br />APM <br />CA technologies understands that security is a top concern when evaluating cloud - <br />based applications, which is why CA technologies operations worldwide conform to <br />rigorous certification, compliance and security programs and processes. In addition, <br />we contract with independent auditors to regularly evaluate and validate the security <br />of our service. High risks are identified, validated and remediated before production <br />systems are made available. Medium risks are evaluated and resolved on a priority <br />basis. <br />MAA <br />All MAA core servers are behind firewalls; only systems administrators have access to <br />the servers; all data is encrypted when transmitted between data centers. The MAA <br />dashboard and API are protected with HTTPS/TLS encryption, and users are required <br />to authenticate in order to access these. <br />CA Agile <br />We use a co -located data center provider and within that environment we have a <br />dedicated cage to which only our Operations Team has access. We also monitor all <br />traffic across our systems using HIDS (OSSEC) and NIDS (Snort) to notify of any <br />suspicious activity. <br />ASM <br />All ASM core servers are behind firewalls; only systems administrators have access to <br />the servers; all data is encrypted when transmitted between data centers. The ASM <br />dashboard and API are protected with HTTPS/TLS encryption, and users are required <br />to use a username and password to login to their accounts. <br />carahsoft 59 carahsoft <br />
The URL can be used to link to this page
Your browser does not support the video tag.